CVE-2010-4227

Name of the Vulnerable Software and Affected Versions Novell Netware version 6.5 before SP8

Description The issue allows remote attackers to cause a denial of service or execute arbitrary code via a crafted value in a NFS RPC request. This is due to a stack-based buffer overflow in the xdrDecodeString function. The attack is performed by sending a request to port UDP 1234.

Recommendations For Novell Netware version 6.5 before SP8, apply the SP8 patch to resolve the issue. As a temporary workaround, consider restricting access to the NFS RPC service on port UDP 1234 to minimize the risk of exploitation.